|
|
I received a phone call this morning on the way to work from my wife who said she received an email from my BT Account at 12:30am today at her work email. It had been sent to all my contacts in my BT Yahoo contacts list. At that time last night all my computers were turned off (We had a chinese and an early night  ). IN getting to work this morin g my boss also said he received the mail from me together with one of the other guys I have as a contact. Later this morning I received a mail from the other guy saying he had also received a mail from another guy at work who has a BT Account with the same message contents.
Were the BT servers last night compromised and all contact details used by someone to send stupid emails?
Not happy as the only way I know of stopping this is to delete all my contacts so that BT Yahoo no longer hold those details, which I did this morning. Checked my outbox and there were no messages recorded as being sent since 1st November (I use different methods rather than the online mail fro sending messages in most cases).
Can't find any mention of this anywhere.
TLMC
|
|
|
Damn clever these Chinese!
1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 19 Meg WBC
|
|
|
Or one of the three of you has a virus which has attacked the other two.
Have you run a full scan, with updated detection software?
I'm afraid whether the problem is this, or Yahoo, your contact list is a horse.
My broadband basic info/help site - www.robertos.me.uk
My domains,website and mail hosting - Tsohost. Internet connection - IDNet Home Starter Fibre. Live BQM.
"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.
|
|
Register (or login) on our website and you will not see this ad.
|
|
|
|
yep ran a scan and nothing found. This appears to have happened whilst all my computers were turned off. My guess is something happened on the BT Servers rather than locally as I use outlook and have a lot more contacts than on my BT Account. It only went to my BT stored contents not my Outlook contacts. A totally different set of contacts. He was not one of mine and I am not one of his
TLMC
|
|
|
yep, it was repeating a bit
|
|
|
Maybe one of your previously sent emails To:/CC: your Yahoo contacts got forwarded into the wrong hands, In which case there would be no security breach.
Can you tell if one of your Yahoo contacts did not get the spam?
1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 19 Meg WBC
|
|
|
|
I have never sent an email to all of my contacts in one go as they are all diverse contacts hence this one looking like something happened at BT. Checked my outbox and nothing that contans all the contacts, in fact some of the contacts are not used on emails. One thing it has done is give me some feedback on my contact details as some of them are not deliverable due to no longer valid addresses, but hey, I've now deleted them all my contacts as stored on the BT servers/cloud so that's no longer a problem
TLMC
|
|
|
all my contacts as stored on the BT servers/cloud so that's no longer a problem Till it rains.
My broadband basic info/help site - www.robertos.me.uk
My domains,website and mail hosting - Tsohost. Internet connection - IDNet Home Starter Fibre. Live BQM.
"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.
|
|
|
Virgin Media have just come under attack: http://www.ispreview.co.uk/story/2011/11/23/virgin-m...
Sounds like BT are now the target. Change your password to a strong one is about all you can do I think.
|
|
|
Obviously the simple method of locking an account after say 10 bad login attempts has passed Virgin and others by.
|
|
|
http://www.pcpro.co.uk/news/security/371347/mysterio...
Yahoo which is the core bit of BT email, so not your PC, but suggestion is a brute force dictionary attack
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
|
Switch to gmail. Use a strong password with two factor authentication.
|
|
|
The article also says gmail is at risk. Further investigation reveals similar issues are being reported by Gmail and Yahoo Mail users, with thousands of forum complaints about the issue over the last month.
My broadband basic info/help site - www.robertos.me.uk
My domains,website and mail hosting - Tsohost. Internet connection - IDNet Home Starter Fibre. Live BQM.
"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.
|
|
|
|
|
|
|
|
Looks good, but it does all depend on you having a mobile phone ...
Some of us don't use them ... so what do we do to gain extra security????
Bah, Humbug!
Rob
|
|
|
|
You can use a land line instead.
|
|
|
Aha, thanks ... the blurb does not mention that ... useful to know ... not a lot of good if you are trying to read your mail out of the home 
But, I guess it's better than nothing ... and you can use the "don't ask again for 30 days" thing).
Too much reliance on people owning/using mobiles (and things like twatter etc).
Yet another example of the digital divide - a great concern once you think about the elderly.
Rob ( ex-programmer, who crashed his first machine in 1966, an Elliot Automation 803 !!)
|
|
|
You can use a land line instead. Are you sure? Not many landline handsets do SMS.
Mine does, but every site I've used that wants a phone to send SMS security/confirmations will not accept a landline #.
1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 19 Meg WBC
|
|
|
|
It comes as a voice call and the robot reads out the code.
|
|
|
|
The problem with that it that is can create a DoS attack vector.
The authentication system in our apps does this, unlocking the account after an hour to avoid admin intervention being required unless the user needs to login during that one hour window. It isn't difficult to implement but I can see why a large ISP might not want to: they might get lots of people phoning up to have their account unlocked either because they've got the password wrong themselves a few times or a brute force attempt has happened (support staff are not a free resource).
|
|
|
|
Thanks,
Was wondering how they were going to do it ... hooray for TTS systems ...
Rob
|
|
|
|
strong password would be nice, but BT doesn't allow things like &%*+ in passwords, which I think makes them really strong. I've made mine as strong as I think I can, but would like to be able to use the above
|
|
|
|
I didn't know that, that's really bad. You should use another email provider tbo. I switched a while ago after getting tired of all the spam.
|
Pages in this thread: 
Print Thread
deleted
